Registering an OpenAthens LA Identity Provider

Before applying to register an OpenAthens LA identity provider entity with the UK Federation, you need to:

Once the software has been installed and a certificate obtained, the Management Liaison should email the registration request to the UK Federation Helpdesk and include the information listed below. This information will be verified and placed in an <EntityDescriptor> entry in the federation metadata.

  • Administrative contact: A name and email address for the Administrative contact.
  • Technical contact: A name and email address for the Technical contact.
  • Support contact: A name and email address for the Support contact.
  • User accountability: A declaration of whether or not the identity provider commits to observe the provisions of 'user accountability', as defined in section 6 of the federation's Rules of Membership. Specify 'yes' or 'no'. ('yes' may require extra work by the identity provider; 'no' will deny your end users access to some services.)
  • Security domains: The security domains (scopes) for which attribute assertions made by this identity provider should be considered valid. Usually there will be only one of these and it will be either the institution's DNS domain (example.ac.uk), or the fully-qualified domain name of the server machine (idp.example.ac.uk). This should be specified in lower case.
  • Entity ID: The entity ID is a URI identifying your identity provider. It must be different from the entity ID of any existing identity provider or service provider you may already have in the UK federation. If your identity provider is already a member of another federation please give its existing entity ID, even if it appears to be federation-specific. If it is not already a member of another federation, please consult EntityIDPolicy.
  • Organization display name: A short name (a few words at most) to identify your site. This is the text which will appear in the WAYF list of identity providers. The text selected should comply with these guidelines.
  • Organization URL: The URL of a web page providing a description of the organisation or organisational unit responsible for operating the identity provider.
  • Service description URL: The URL of a web page providing a description of the identity provider service itself. If omitted, this defaults to the Organization URL.
  • Software: (optional) The type and release number of the software you have chosen to deploy for your IdP; e.g. OpenAthens LA 2.0. This information is optional, but providing it enables us to gauge appropriate support levels for software in use within the federation.
  • Visibility: (optional - 'yes' by default) If your identity provider is not currently intended for production use, you may wish to have it omitted from the list of identity providers displayed by the standard, or filtered, WAYF; it will still appear in the development, or unfiltered, WAYF, which displays all federation identity providers. See section 6.3 of the Technical Recommendations for Participants for further details. Specify 'no' if you wish your identity provider to be omitted from the WAYF list.

  • Automatically generated metadata: The remaining information required for the registration of your IdP is in the metadata generated by your IdP installation. Please see Eduserv's documentation for the URL pointing to that metadata.

Please include that URL in your registration.

We will let you know by email once the UK Federation metadata has been updated to include the information you have supplied.
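
A draft request can be checked against the constraints listed above before it is emailed. The following is an added example, not part of the UK Federation's or Eduserv's tooling; the dictionary field names and all sample values are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Lower-case DNS name with at least two labels, e.g. example.ac.uk
DNS_NAME = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def is_web_url(value):
    parts = urlsplit(value or "")
    return parts.scheme in ("http", "https") and bool(parts.netloc)

def check_registration(req, existing_entity_ids=()):
    """Return (problems, request with the documented defaults applied)."""
    req = dict(req)  # shallow copy so the caller's draft is not modified
    problems = []
    for role in ("administrative", "technical", "support"):
        contact = req.get("contacts", {}).get(role, {})
        if not contact.get("name") or "@" not in contact.get("email", ""):
            problems.append(f"{role} contact: name and email address required")
    if req.get("user_accountability") not in ("yes", "no"):
        problems.append("user accountability: specify 'yes' or 'no'")
    scopes = req.get("scopes") or []
    if not scopes:
        problems.append("security domains: at least one scope required")
    for scope in scopes:
        if scope != scope.lower():
            problems.append(f"scope {scope!r}: must be lower case")
        elif not DNS_NAME.match(scope):
            problems.append(f"scope {scope!r}: not a DNS domain or host name")
    entity_id = req.get("entity_id", "")
    if not urlsplit(entity_id).scheme:
        problems.append("entity ID: must be a URI")
    elif entity_id in existing_entity_ids:
        problems.append("entity ID: already used by another of your entities")
    if not is_web_url(req.get("organization_url")):
        problems.append("organization URL: web page URL required")
    # Documented defaults: the service description URL falls back to the
    # organization URL, and visibility is 'yes' unless stated otherwise.
    req.setdefault("service_description_url", req.get("organization_url"))
    req.setdefault("visibility", "yes")
    if req["visibility"] not in ("yes", "no"):
        problems.append("visibility: specify 'yes' or 'no'")
    return problems, req

# Constructed sample request; every value is an illustrative placeholder.
SAMPLE = {
    "contacts": {r: {"name": "A. Person", "email": f"{r}@example.ac.uk"}
                 for r in ("administrative", "technical", "support")},
    "user_accountability": "yes",
    "scopes": ["example.ac.uk"],
    "entity_id": "https://idp.example.ac.uk/entity",
    "organization_url": "https://www.example.ac.uk/",
}
```
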